[arin-discuss] Spammer/Abuser screening policy

Azinger, Marla marla_azinger at eli.net
Tue Apr 25 17:34:11 EDT 2006


Here is the AUP I have been working with:

Acceptable Use Policy 

The following section of this Document comprises ELI's "Acceptable Use Policy" (AUP) as it exists the day that this agreement between ELI and the Customer is entered into. As UCE and "hacking" technology develops at an alarming rate and is expected to continue to do so, ELI reserves the right to add, remove, or modify specific prohibitions from this section of this Document. The Customer recognizes and agrees that the on-line AUP prohibitions, to be maintained by ELI and always available to all Customers and to the public at ELI Technical Support page, supersede the prohibitions listed in this document. 

Customer shall not do any of the following, or permit any third party under its control (including its customers and their authorized users [ad infinium]) to do the following, and must include provisions in its service agreements for its customers and authorized users that restrict them from doing any of the following: 
restrict or inhibit any other user from using and enjoying the Service and/or the Internet; or 
upload, post, publish, transmit, reproduce, distribute, or participate in the transfer or sale, or in any way exploit any information, software or other material obtained through the Internet which is PROTECTED BY COPYRIGHT or other proprietary rights or derivative works with respect thereto, without obtaining permission of the copyright owner or rightholder; or 
use the SMTP services of a third party for the purposes of relaying or sending electronic mail messages without the express permission of that third party; or 
host a publicly-accessible "open relay" mail server, open-proxy, or any other anonymous remailer service for any purpose, cause, or reason; or 
post a commercial advertisement to any USENET newsgroup, Internet "chat room", bulletin board, or similar forum, if the target forum is not specifically chartered for public advertisement by non-private parties of items "for sale"; or 
post to any USENET Newsgroup or other newsgroups, forum, email mailing list or similar group or list articles which are off-topic according to the charter or other public statement of the group; or 
send Unsolicited Commercial E-mail (UCE, also known as SPAM) to any number of e-mail users or lists; or 
maintain, or send e-mail to, "opt-in targeted marketing lists" if the Customer cannot demonstrate, to ELI's satisfaction, that the members of the list(s) have knowingly requested to be added to the list(s) in question through direct action of their own doing, and that easily-accessible, automated opt-out/removal mechanisms are in place and available to the members of the list(s); or 
engage in any activity that is, or appears to be, an attempt to gain unauthorized access to a remote system or network, or to gain information that could later be used to assist in gaining unauthorized access to a remote system or network, such as port scanning, dictionary attacks, Denial of Service attacks, server/service hijacking, etc.; or 
engage in any of the foregoing activities using the service of another provider, but channeling such activities through an ELI account or remailer, or using an ELI account as a mail drop for responses to UCE, or hosting a website that is advertised via UCE that originates from a non-ELI.NET-connected source, or otherwise requiring return transit through ELI's internet backbone; or 
falsify or "spoof" user information provided to ELI or to other users of the Service, and for handling all complaints and trouble reports made by its own customers and authorized users; or 
use the Service in violation or contravention of the Communications Act of 1934, as amended by the Telecommunications Act of 1996, or any other applicable law, regulation, order or other governmental directive, or abuse or fraudulently use the Service in any way not specifically set forth above. 
Advertise, transmit, or otherwise make available any software, program, product, or service that is designed to violate this AUP, which includes but is not limited to, the facilitating the sending of Unsolicited Commercial Email (UCE also known as SPAM). 
Further, if Customer is notified by ELI's Security/Abuse Response Team, via e-mail from abuse at support.eli.net to the Customer's abuse@[Customer's Internet Domain Name] mailbox (required by Item (d) of Section 6 of this agreement), or the Customer discovers on their own or through any other means, that the Customer themselves or any third party under his/her control (including his/her customers and their authorized users [ad infinium]) of a violation of any of the foregoing prohibitions, the Customer will take whatever steps are necessary to stop such activity, and prevent repeat violations by the offending entity. 

The customer will respond to all violations reported by the ELI Abuse Response Team within 1 (one) business day of the violation being reported, and will have put a stop to the activity within 2 (two) business days of the violation first being reported. If a single entity is responsible for multiple violation reports that are sent to the Customer by ELI's Abuse Response Team, only a single response from the Customer back to ELI's Abuse Response Team is required, provided that the Customer has taken whatever action was necessary to stop the current violation and prevent future repeat violations by the offending entity. 

If, after the Customer has notified ELI that the Customer has taken action to prevent future violations by a given entity, that entity is found accessing ELI's network, ELI may consider this a breach of ELI's system integrity, and ELI reserves the right to deal with this situation as detailed in Item (b) of Section 10 of the Internet Access Addendum signed by the customer. 

--------------------------------------------------------------------------------
ELI.NET 

... is a Network Service Provider, and does not directly host any web-sites or dialup customers. Our networking clients are typically ISP's, NSP's, and other LANs/networks. 

Complaints 

... regarding the violation of any of the above conditions by any of ELI's downstream networking clients or their customers, should include notification to the ELI.NET Security/Abuse Response Team <abuse at support.eli.net> in addition to the ISP/NSP the violation actually sourced from. 

Any complaints sent to <hostmaster at eli.net> <postmaster at eli.net> <webmaster at eli.net> or any other address @eli.net may be forwarded to the ELI.NET Security/Abuse Response Team <abuse at support.eli.net> - if the separate groups/individuals that answer those addresses have the time to do so. However, complaints sent to any of these addresses will take much longer to process if they are forwarded to the abuse team due to the delays in forwarding, as none of these addresses are valid points-of-contact for abuse complaints. 

Abuse complaints to <abuse at support.eli.net> are processed within two (2) working days upon receipt. Due to the volume of email notices sent to the ELI SART, this does not mean you will receive a reply, only that we will act on the complaint. 

Complaints to ELI.NET's Security/Abuse Response Team: 
Complaints to ELI.NET's Security/Abuse Response Team: 
Must be specific as to the nature of the complaint (i.e. UCE, Usenet Abuse, etc), and identify why you are complaining to ELI.NET about it. 
Must include in the body of the message or as a plaintext attachment; either an original copy of the offending message with full headers included, or be the relevant text portion of access and/or intrusion log files. Please do not attach binary 'documents' (MS word/PDF/etc), images, winmail.dat payloads, multi-file archives, or other application-specific files requiring specialized decoders. 
Optionally may include traceroute, WHOIS, or DNS output that demonstrates transit or support via ELI.NET's backbone to one of the responsible parties; that they are a networking customer of ELI.NET, or of one of ELI.NET's networking customers. 
ELI's Security/Abuse Response Team: 

... has collected a variety of links to references, online tools, and software to assist in the fight against net-abuse. Please feel free to bookmark the ELI NoSpam Page.  

-----Original Message-----
From: arin-discuss-bounces at arin.net
[mailto:arin-discuss-bounces at arin.net]On Behalf Of Azinger, Marla
Sent: Tuesday, April 25, 2006 2:29 PM
To: Loevner, Michael; ipaddressing; Edge, Steve; ARIN-discuss at arin.net
Subject: Re: [arin-discuss] Spammer/Abuser screening policy


Here is how I screen:

1.  I review Account Name and domain name first.  If the name has what I call a red flag word I got research the company name, domain and all names I find in public registry.  Some key words I use are derivatives of *marketing, *data, *electronic, *Management, *Recourse and more.  You will kind of get the hang of what words can be red flags.

2.  Where I do my 
	-reading the services provided on the respective web site  
	-Google Groups and type in "name" and the word spam or abuse
	-Rokso list

Hope this helps
Marla

-----Original Message-----
From: Loevner, Michael [mailto:mloevner at gnilink.net]
Sent: Tuesday, April 25, 2006 1:21 PM
To: Azinger, Marla; ipaddressing; Edge, Steve; ARIN-discuss at arin.net
Subject: RE: [arin-discuss] Spammer/Abuser screening policy


Marla,

I'm looking for screening information...before they have their service
turned up.

Thanks,

Mike Loevner
IP Address Management
Verizon Internet Services

-----Original Message-----
From: Azinger, Marla [mailto:marla_azinger at eli.net] 
Sent: Tuesday, April 25, 2006 4:19 PM
To: ipaddressing; Edge, Steve; Loevner, Michael; ARIN-discuss at arin.net
Subject: RE: [arin-discuss] Spammer/Abuser screening policy


I screen.  I've shared this freely before.  But to get the requested
information straight, what exactly do you want info wise?  A copy of my
AUP?  And a outline of how I screen?  Those are two different
situations.  AUP doesnt come into play unless I already turned them up.
Screening, or at least how I do it, they never get accepted as a
customer and the order stops before install.

Marla
Frontier Communications
-----Original Message-----
From: arin-discuss-bounces at arin.net
[mailto:arin-discuss-bounces at arin.net]On Behalf Of ipaddressing
Sent: Tuesday, April 25, 2006 12:55 PM
To: Edge, Steve; Loevner, Michael; ARIN-discuss at arin.net
Subject: Re: [arin-discuss] Spammer/Abuser screening policy


I wasn't aware of such a screening process.  Is this standard ISP
practice for smaller subnets such as /29 and up to /24.  I guess I am
curious to some of these policies and procedures as well.

Thanks,

Jeremy McMasters
Network Engineer
Atlantic Broadband




From: arin-discuss-bounces at arin.net on behalf of Edge, Steve
Sent: Tue 4/25/2006 3:42 PM
To: Loevner, Michael; ARIN-discuss at arin.net
Subject: Re: [arin-discuss] Spammer/Abuser screening policy


 I would also be interested in receiving the policy information.

Thanks,

Stephen J. Edge Sr.
Network Transmission & Enhanced Services Engineering Manager
Horry Telephone Cooperative, Inc.
email: steve.edge at htcinc.net


________________________________

From: arin-discuss-bounces at arin.net
[mailto:arin-discuss-bounces at arin.net] On Behalf Of Loevner, Michael
Sent: Tuesday, April 25, 2006 3:33 PM
To: ARIN-discuss at arin.net
Subject: [arin-discuss] Spammer/Abuser screening policy


Hello,

If anybody is willing to share their companies' policies on screening
potential customers to determine whether a customer should be allowed an
IP assignment based on their abuse history, please e-mail me off list.

Thanks,

Mike Loevner
IP Address Management
Verizon Internet Services

**********************************************************************
HTC Disclaimer:  The information contained in this message may be
privileged and confidential and protected from disclosure. If the reader
of this message is not the intended recipient, or an employee or agent
responsible for delivering this message to the intended recipient, you
are hereby notified that any dissemination, distribution or copying of
this communication is strictly prohibited.  If you have received this
communication in error, please notify us immediately by replying to the
message and deleting it from your computer.  Thank you.
**********************************************************************

_______________________________________________
ARIN-discuss mailing list
ARIN-discuss at arin.net
http://lists.arin.net/mailman/listinfo/arin-discuss
_______________________________________________
ARIN-discuss mailing list
ARIN-discuss at arin.net
http://lists.arin.net/mailman/listinfo/arin-discuss



More information about the ARIN-discuss mailing list